1 Star 0 Fork 57

jessechanrui / Auth-Service

forked from keets2012 / Auth-Service 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
贡献代码
同步代码
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README
MIT

Build Status codebeat badge

change logs

  • 2018.9.1

    版本升到2.0-SNAPSHOT,欲使用sb1.5.x版本,请切换到TAG 1.0-RELEASE。by CANGWU

    Spring Cloud Security 升级到Finchley.RELEASE,Spring Boot由1.5.X升级到2.0.X。

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-dependencies</artifactId>
            <version>Finchley.RELEASE</version>
       </dependency>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.0.0.RELEASE</version>
    </parent>

quick start

本次对项目结构进行了更新,token的存储机制基于redis,当然存储方式可以自由切换,Spring Security提供了SPI的多种实现。

客户端的信息还是基于jdbc实现,所以需要导入项目中提供的表oauth_client_details

推荐首先阅读专栏文章:认证鉴权与API权限控制在微服务架构中的设计与实现

单独的整合项目地址为:
GitHub:https://github.com/keets2012/microservice-integration
或者 码云:https://gitee.com/keets/microservice-integration

maintainer

  • keets2012
  • CANGWU

password模式

项目克隆之后:

  1. 安装一下,mvn clean install
  2. 修改Auth项目中的配置文件,写了XXXX的地方,替换成自己的实际地址(redis和mysql)
  3. 数据库导入,sql脚本在项目中。创建auth数据库,运行auth.sql
  4. mvn clean spring-boot:run
  5. 其他细节参考博客
  6. 你的star是对我最好的鼓励^_^

进行请求获取Token授权: head form

笔者自己运行了结果如下:

{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MDkwNzMzMjcsIlgtQU9ITy1Vc2VySWQiOiIxNGY1MmE0OS0yYTgxLTRhMmYtOGI5Mi01ZmU0NzUzZGRmZGEiLCJ1c2VyX25hbWUiOiIxODM2MjkxNjcyNiIsImp0aSI6IjM5NDEzN2I5LTNjZGItNGUyNy04NGRjLWM5YjEyYzk3ZTA4YyIsImNsaWVudF9pZCI6ImZyb250ZW5kIiwic2NvcGUiOlsiYWxsIl19.pGZhGNVECg0b4LB_pYXTTVKjNn8FA5biM04Bhcd-MEE",
    "token_type": "bearer",
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiIxODM2MjkxNjcyNiIsInNjb3BlIjpbImFsbCJdLCJhdGkiOiIzOTQxMzdiOS0zY2RiLTRlMjctODRkYy1jOWIxMmM5N2UwOGMiLCJleHAiOjE1MTE2MjIxMjcsIlgtQU9ITy1Vc2VySWQiOiIxNGY1MmE0OS0yYTgxLTRhMmYtOGI5Mi01ZmU0NzUzZGRmZGEiLCJqdGkiOiJkYTBmOTMxMS1lZjc0LTRiMjQtODViZi04ZTNjNDVhNGEyNzkiLCJjbGllbnRfaWQiOiJmcm9udGVuZCJ9.2MRdqEogAwbesRfj2TKoWhMazItBlpjbQx7dlgfFpHE",
    "expires_in": 43199,
    "scope": "all",
    "X-AOHO-UserId": "14f52a49-2a81-4a2f-8b92-5fe4753ddfda",
    "jti": "394137b9-3cdb-4e27-84dc-c9b12c97e08c",
    "X-AOHO-ClientId": "frontend"
}

ps: 登录的用户名密码要在表单里面写,内容随意,因为在代码中已经去掉了对user服务的校验。

授权码模式

本次更新添加了对授权码模式的使用

授权码模式需要用户登录,所以借助浏览器

首先给数据库表中的oauth_client_details表中client_idfrontend的行authorized_grant_types添加authorization_codeweb_server_redirect_uri设置为http://localhost:8080。表示该客户端允许授权码模式以及授权码回调地址为http://localhost:8080

浏览器访问地址

http://localhost:9000/oauth/authorize?response_type=code&client_id=frontend&
scope=all&redirect_uri=http://localhost:8080

进入登录授权页面并同意授权,从回调地址中获取授权码

http://localhost:8080/?code=xGjrTm

通过授权码获取access_token

method: post 
url: http://localhost:9000/oauth/token?grant_type=authorization_code
header:
{
  Authorization: Basic ZnJvbnRlbmQ6ZnJvbnRlbmQ=,
  Content-Type: application/x-www-form-urlencoded
}
body:
{
  code: xGjrTm,
  redirect_uri: http://localhost:8080
}

写在最后

项目整合如果遇到问题,可以加入qq群交流。

有问题联系 aoho002#gmail.com

MIT License

Copyright (c) 2018 aoho

MIT License Copyright (c) 2018 aoho Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

简介

spring security + oauth2.0 + jwt 展开 收起
MIT
取消

发行版

暂无发行版

贡献者

全部

近期动态

加载更多
不能加载更多了
1
https://gitee.com/chenrui/Auth-Service.git
git@gitee.com:chenrui/Auth-Service.git
chenrui
Auth-Service
Auth-Service
master

搜索帮助

14c37bed 8189591 565d56ea 8189591